diff --git a/infra/main.bicep b/infra/main.bicep index b8bd719..03e6231 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -179,6 +179,16 @@ module userCognitiveServicesOpenAIContributor 'core/security/role.bicep' = { } } +module endpointCognitiveServicesOpenAIContributor 'core/security/role.bicep' = { + name: 'endpoint-cognitive-services-openAI-contributor' + scope: rg + params: { + principalId: machineLearningEndpoint.outputs.principalId + roleDefinitionId: 'a001fd3d-188f-4b5d-821b-7da978bf7442' + principalType: 'ServicePrincipal' + } +} + module mlServiceRoleDataScientist 'core/security/role.bicep' = { name: 'ml-service-role-data-scientist' scope: rg diff --git a/src/deploy.py b/src/deploy.py index ce77d88..96ee52c 100644 --- a/src/deploy.py +++ b/src/deploy.py @@ -124,17 +124,15 @@ def main(cli_args: List[str] = None): }, ) - model = ( - Model( - name="copilot_flow_model", - path=args.flow_path, # path to promptflow folder - properties=[ # this enables the chat interface in the endpoint test tab - ["azureml.promptflow.source_flow_id", "basic-chat"], - ["azureml.promptflow.mode", "chat"], - ["azureml.promptflow.chat_input", "chat_input"], - ["azureml.promptflow.chat_output", "reply"], - ], - ), + model = Model( + name="copilot_flow_model", + path=args.flow_path, # path to promptflow folder + properties=[ # this enables the chat interface in the endpoint test tab + ["azureml.promptflow.source_flow_id", "basic-chat"], + ["azureml.promptflow.mode", "chat"], + ["azureml.promptflow.chat_input", "chat_input"], + ["azureml.promptflow.chat_output", "reply"], + ], ) logging.info("Packaged flow as a model for deployment") @@ -167,15 +165,22 @@ def main(cli_args: List[str] = None): # those first variables are drawing from the hub connections "AZURE_OPENAI_ENDPOINT": os.getenv("AZURE_OPENAI_ENDPOINT") or "${{" + connection_string + "/target}}", - "AZURE_OPENAI_API_KEY": os.getenv("AZURE_OPENAI_API_KEY") - or "${{" + connection_string + "/credentials/key}}", - # the 
remaining ones can be set based on local environment variables "AZURE_OPENAI_ASSISTANT_ID": os.getenv("AZURE_OPENAI_ASSISTANT_ID"), "AZURE_OPENAI_API_VERSION": os.getenv( "AZURE_OPENAI_API_VERSION", "2024-02-15-preview" ), "AZURE_OPENAI_CHAT_DEPLOYMENT": os.getenv("AZURE_OPENAI_CHAT_DEPLOYMENT"), } + if "AZURE_OPENAI_API_KEY" in os.environ: + logging.warning( + "Using key-based authentication; we recommend using Azure AD authentication instead." + ) + logging.info( + f"The key will not be injected from your environment, but from the Project connection '{args.aoai_connection_name}'." + ) + environment_variables["AZURE_OPENAI_API_KEY"] = ( + "${{" + connection_string + "/credentials/key}}" + ) # NOTE: this is a required fix environment_variables["PRT_CONFIG_OVERRIDE"] = ( @@ -194,11 +199,13 @@ def main(cli_args: List[str] = None): ) # 1. create endpoint + print(f"Creating/updating endpoint {args.endpoint_name}...") created_endpoint = client.begin_create_or_update( endpoint ).result() # result() means we wait on this to complete - currently endpoint doesn't have any status, but then deployment does have status # 2. create deployment + print(f"Creating/updating deployment {args.deployment_name}...") created_deployment = client.begin_create_or_update(deployment).result() # 3. update endpoint traffic for the deployment diff --git a/src/requirements.txt b/src/requirements.txt index dc31ad1..c65dcb0 100644 --- a/src/requirements.txt +++ b/src/requirements.txt @@ -16,7 +16,7 @@ azure-identity==1.16.0 azure-mgmt-resource==23.0.1 azure-mgmt-search==9.1.0 azure-mgmt-cognitiveservices==13.5.0 -azure-ai-ml==1.16.0b1 +azure-ai-ml==1.16.0 # utilities omegaconf-argparse==1.0.1